KNEL/KNELProductionContainers
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

starting the big push to cloudron all the things we need for COO/CTO orgs

Browse Source
This commit is contained in:
Charles N Wyble - admin
2025-07-07 16:54:32 -05:00
parent 054f6c9e2f
commit 2f0fe97933
153 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tsys-cloudron/3dprintfarm.knownelement.com/3dprintfarm-info.md Normal file
View File

@@ -0,0 +1,3 @@
# 3d print farm
- https://projects.knownelement.com/issues/280

8
tsys-cloudron/README.md Normal file
View File

@@ -0,0 +1,8 @@
# README for KNELProductionContainers/Cloudron
This directory contains the TSYS specific configurations for Cloudron deployed applications that we have packaged up in-house.
If you want to see the code for what we put into the app store, that's in:
- ../CloudronPackagingWorkspace
- ../CloudronPackages

3
tsys-cloudron/Tradingdesk.thecampustradingco.com/tradingdesk-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Trading Desk
- https://projects.knownelement.com/issues/226

3
tsys-cloudron/agency.merchantsofhope.org/agency-info,md Normal file
View File

@@ -0,0 +1,3 @@
# Agency
https://projects.knownelement.com/issues/178

3
tsys-cloudron/apigw.knownelement.com/apigw-info.md Normal file
View File

@@ -0,0 +1,3 @@
# APIGW
https://projects.knownelement.com/issues/179

3
tsys-cloudron/atak.knownelement.com/atak-info.md Normal file
View File

@@ -0,0 +1,3 @@
# ATAK Info
- https://projects.knownelement.com/issues/180

3
tsys-cloudron/autobom.knownelement.com/autobom-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Autobom
- https://projects.knownelement.com/issues/278

3
tsys-cloudron/billing.knownelement.com/billing-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Billing
- https://projects.knownelement.com/issues/181

3
tsys-cloudron/boinc.knownelement.com/boinc-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Boinc
- https://projects.knownelement.com/issues/182

3
tsys-cloudron/cde.knownelement.com/cde-info.md Normal file
View File

@@ -0,0 +1,3 @@
# CDE
https://projects.knownelement.com/issues/231

3
tsys-cloudron/chirpstack.knownelement.com/chirpstack-info.md Normal file
View File

@@ -0,0 +1,3 @@
# chirpstack
- https://projects.knownelement.com/issues/184

3
tsys-cloudron/craig.knownelement.com/craig-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Craig
- https://projects.knownelement.com/issues/185

3
tsys-cloudron/danswer.knownelement.com/danswer-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Danswer
- https://projects.knownelement.com/issues/186

30
tsys-cloudron/dashboard.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,30 @@
{
"id": "com.easygate.cloudron",
"title": "Easy-gate",
"author": "r7wx",
"description": "A simple web application designed to serve as the central hub for your self-hosted infrastructure. Easy-gate provides real-time parsing of services and notes from a configuration file.",
"tagline": "A gate to your self-hosted infrastructure",
"version": "1.0.0",
"healthCheckPath": "/",
"httpPort": 8080,
"addons": {
"localstorage": {}
},
"manifestVersion": 2,
"website": "https://github.com/r7wx/easy-gate",
"contactEmail": "support@cloudron.io",
"icon": "logo.png",
"tags": [
"dashboard",
"infrastructure",
"services",
"homepage"
],
"env": {
"EASY_GATE_CONFIG": "/app/data/easy-gate.json",
"EASY_GATE_ROOT_PATH": "/app/data"
},
"configurePath": "/",
"minBoxVersion": "7.0.0",
"postInstallMessage": "Easy-gate has been successfully installed. You can now configure your services in the /app/data/easy-gate.json file. By default, Easy-gate runs behind Cloudron's proxy (EASY_GATE_BEHIND_PROXY=true). More configuration options available at https://github.com/r7wx/easy-gate"
}

41
tsys-cloudron/dashboard.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,41 @@
FROM cloudron/base:4.2.0
# Adding non-free repo for any potential dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
wget \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
# Set up directory structure
RUN mkdir -p /app/code /app/data /tmp/data
# Default config file
COPY easy-gate.json /tmp/data/easy-gate.json
# Download and install the latest Easy-gate release
RUN mkdir -p /tmp/easy-gate && \
cd /tmp/easy-gate && \
LATEST_VERSION=$(wget -qO- https://api.github.com/repos/r7wx/easy-gate/releases/latest | grep tag_name | cut -d '"' -f 4) && \
wget -q https://github.com/r7wx/easy-gate/releases/download/${LATEST_VERSION}/easy-gate_${LATEST_VERSION#v}_linux_amd64.tar.gz && \
tar -xzf easy-gate_${LATEST_VERSION#v}_linux_amd64.tar.gz && \
mv easy-gate /app/code/ && \
chmod +x /app/code/easy-gate && \
rm -rf /tmp/easy-gate
# Prepare start script
COPY start.sh /app/code/
RUN chmod +x /app/code/start.sh
# Set proper permissions
RUN chown -R cloudron:cloudron /app/code /app/data /tmp/data
# Configure working directory and user
WORKDIR /app/code
USER cloudron
# Expose the port the app runs on
EXPOSE 8080
# Start the application
CMD ["/app/code/start.sh"]

147
tsys-cloudron/dashboard.knownelement.com/CloudronPackage/EasyGate-BulldNotes.md Normal file
View File

@@ -0,0 +1,147 @@
# Easy-gate Build Notes for Cloudron
This document provides instructions for building, testing, and deploying Easy-gate to your Cloudron instance.
## Overview
Easy-gate is a simple web application designed to serve as the central hub for your self-hosted infrastructure. It allows you to organize and access all your self-hosted services from a single dashboard.
Key features:
- Real-time parsing of services and notes from a configuration file (JSON/YAML)
- Ability to assign items to specific user groups based on IP addresses
- Organization of services into categories
- Customizable theme and icons
## Building the Package
### Prerequisites
- A Linux environment with Docker installed
- Cloudron CLI tool installed (`npm install -g cloudron`)
- Authenticated with your Cloudron instance (`cloudron login`)
### Build Steps
1. Create a directory for your build and copy all files into it:
```bash
mkdir easy-gate-build
cd easy-gate-build
# Copy CloudronManifest.json, Dockerfile, start.sh, and easy-gate.json
```
2. Create a logo.png file for the icon or download one from the Easy-gate repository.
3. Build the package:
```bash
cloudron build
```
This command will create a package file (usually named `easy-gate-1.0.0.tar.gz`).
## Testing Locally
You can test the Docker container locally before deploying to Cloudron:
```bash
# Build the Docker image
docker build -t easy-gate-local .
# Run the container
docker run -p 8080:8080 -e EASY_GATE_BEHIND_PROXY=true easy-gate-local
```
Access the dashboard at http://localhost:8080 to verify it works correctly.
## Deploying to Cloudron
1. Upload the built package to your Cloudron:
```bash
cloudron install —app easy-gate.example.com
```
2. Or, if you want to update an existing installation:
```bash
cloudron update —app easy-gate.example.com
```
3. Configure your Easy-gate instance:
After installation, youll need to edit the configuration file to add your services. You can do this in two ways:
### Option 1: Using Cloudron File Manager
1. Go to your Cloudron dashboard
2. Click on the Easy-gate application
3. Go to “Files” tab
4. Navigate to `/app/data/`
5. Edit `easy-gate.json`
### Option 2: SSH Access
1. SSH into your Cloudron server
2. Access the apps data directory:
```bash
cloudron exec —app easy-gate.example.com
```
3. Edit the configuration file:
```bash
nano /app/data/easy-gate.json
```
## Configuration File Structure
The configuration file uses the following structure:
```json
{
“title”: “My Dashboard”,
“theme”: {
“background”: “#f8f9fa”,
“foreground”: “#212529”,
“custom_css”: “”
},
“groups”: [
{
“name”: “group-name”,
“subnet”: “192.168.1.1/24”
}
],
“categories”: [
{
“name”: “Category Name”,
“services”: [
{
“name”: “Service Name”,
“url”: “https://service.example.com”,
“description”: “Service Description”,
“icon”: “”,
“groups”: [“group-name”]
}
]
}
],
“notes”: [
{
“name”: “Note Title”,
“text”: “Note Content”,
“groups”: [“group-name”]
}
],
“behind_proxy”: true
}
```
## Troubleshooting
- If you encounter “502 Bad Gateway” errors, check that the application is running inside the container: `cloudron logs -f —app easy-gate.example.com`
- Make sure the `behind_proxy` setting is set to `true` in your configuration file
- Verify that the user groups and subnets are configured correctly
- Check the logs for any specific error messages
## Maintenance
Easy-gate is designed to be low-maintenance. To update to a newer version, simply rebuild the package with the latest release and update your Cloudron app.

69
tsys-cloudron/dashboard.knownelement.com/CloudronPackage/easy-gate.json Normal file
View File

@@ -0,0 +1,69 @@
{
"title": "My Self-Hosted Infrastructure",
"theme": {
"background": "#f8f9fa",
"foreground": "#212529",
"custom_css": ""
},
"groups": [
{
"name": "internal",
"subnet": "192.168.1.1/24"
},
{
"name": "admin",
"subnet": "10.8.0.1/24"
}
],
"categories": [
{
"name": "Applications",
"services": [
{
"name": "Cloudron",
"url": "https://my.example.com",
"description": "My Cloudron Dashboard",
"icon": "",
"groups": []
}
]
},
{
"name": "Media",
"services": [
{
"name": "Jellyfin",
"url": "https://jellyfin.example.com",
"description": "Media Server",
"icon": "",
"groups": []
}
]
},
{
"name": "Monitoring",
"services": [
{
"name": "Grafana",
"url": "https://grafana.example.com",
"description": "Monitoring Dashboard",
"icon": "",
"groups": ["admin"]
}
]
}
],
"notes": [
{
"name": "Welcome to Easy-gate",
"text": "This is your new Easy-gate dashboard. Edit this configuration file to customize your services and notes.",
"groups": []
},
{
"name": "For Administrators",
"text": "Admin-only information can be seen here when connecting from the admin subnet.",
"groups": ["admin"]
}
],
"behind_proxy": true
}

20
tsys-cloudron/dashboard.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/bash
set -e
# Initialize data directory if it doesn't exist
if [ ! -f /app/data/easy-gate.json ]; then
echo "Initializing Easy-gate with default configuration..."
cp /tmp/data/easy-gate.json /app/data/
chown cloudron:cloudron /app/data/easy-gate.json
fi
# Set environment variables
export EASY_GATE_CONFIG="/app/data/easy-gate.json"
export EASY_GATE_ROOT_PATH="/app/data"
export EASY_GATE_BEHIND_PROXY="true"
echo "Starting Easy-gate with configuration at ${EASY_GATE_CONFIG}..."
echo "Easy-gate is configured to run behind a proxy (EASY_GATE_BEHIND_PROXY=true)"
# Run the application
exec /app/code/easy-gate

3
tsys-cloudron/dashboard.knownelement.com/dashboard-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Dashboard
- https://projects.knownelement.com/issues/54

3
tsys-cloudron/digital-assets-manager.knownelement.com/digital-assets-manager-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Digital Assets Manager
- https://projects.knownelement.com/issues/275

3
tsys-cloudron/docassemble.knownelement.com/docassemble-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Docassemble
- https://projects.knownelement.com/issues/277

3
tsys-cloudron/drawio.knownelement.com/drawio-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Draw.io
- https://projects.knownelement.com/issues/272

30
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,30 @@
{
"id": "org.elabftw.cloudron",
"title": "eLabFTW",
"author": "Nicolas CARPi",
"description": "Electronic laboratory notebook to track experiments, manage protocols, store laboratory inventory, communicate with others and more. Your best lab companion.",
"tagline": "Electronic lab notebook for researchers",
"version": "1.0.0",
"healthCheckPath": "/",
"httpPort": 8000,
"addons": {
"mysql": {},
"localstorage": {}
},
"manifestVersion": 2,
"website": "https://www.elabftw.net",
"contactEmail": "support@example.com",
"icon": "file://logo.png",
"memoryLimit": 1024,
"tags": ["science", "lab", "research", "notebook", "eln"],
"minBoxVersion": "7.4.0",
"postInstallMessage": "eLabFTW has been successfully installed! You will need to create a Sysadmin account when you first access the application.",
"documentationUrl": "https://doc.elabftw.net/",
"forwardedHeaders": ["X-Forwarded-For", "X-Forwarded-Proto", "X-Forwarded-Host"],
"tcpPorts": {},
"optionalSso": {
"ldap": {
"enabled": true
}
}
}

59
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,59 @@
FROM cloudron/base:4.2.0
# Install required packages
RUN apt-get update && \
apt-get install -y \
php-cli \
php-fpm \
php-mysql \
php-curl \
php-gd \
php-intl \
php-mbstring \
php-xml \
php-zip \
php-bcmath \
nginx \
supervisor \
curl \
zip \
unzip \
git \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Get the latest eLabFTW release
WORKDIR /app/code
RUN git clone https://github.com/elabftw/elabftw.git . && \
composer install --no-dev --optimize-autoloader
# Configure NGINX
COPY nginx.conf /etc/nginx/sites-available/default
# Prepare directory structure
RUN mkdir -p /app/data/uploads /app/data/config /app/data/logs /run/php && \
chown -R cloudron:cloudron /app/data /run/php
# Copy initialization data
RUN mkdir -p /tmp/data/config /tmp/data/uploads /tmp/data/logs && \
cp -r /app/code/config-example.yml /tmp/data/config/config.yml && \
chown -R cloudron:cloudron /tmp/data
# Copy start script and supervisor config
COPY start.sh /app/code/
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
RUN chmod +x /app/code/start.sh
# Configure PHP-FPM
RUN sed -i 's/www-data/cloudron/g' /etc/php/*/fpm/pool.d/www.conf && \
sed -i 's/listen = \/run\/php\/php[0-9]\.[0-9]-fpm.sock/listen = \/run\/php\/php-fpm.sock/g' /etc/php/*/fpm/pool.d/www.conf && \
echo 'catch_workers_output = yes' >> /etc/php/*/fpm/pool.d/www.conf
# Create logo image
RUN curl -o /app/code/logo.png https://raw.githubusercontent.com/elabftw/elabftw/master/src/ts/img/logo.png
WORKDIR /app/code
CMD ["/app/code/start.sh"]

109
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/elabftw-BuildNotes.md Normal file
View File

@@ -0,0 +1,109 @@
# eLabFTW Cloudron Package Build Notes
This document provides instructions for building, testing, and deploying the eLabFTW Cloudron package.
## Package Overview
This package deploys eLabFTW, an open-source electronic laboratory notebook (ELN) for researchers, on Cloudron. The package:
- Uses the MySQL addon for database storage
- Uses the localstorage addon for file storage
- Includes NGINX and PHP-FPM configuration
- Supports optional LDAP authentication through Cloudron
## Building the Package
1. Create a new directory for your package:
```bash
mkdir elabftw-cloudron
cd elabftw-cloudron
```
2. Save all the provided files to this directory:
- CloudronManifest.json
- Dockerfile
- start.sh
- nginx.conf
- supervisord.conf
3. Make the start.sh file executable:
```bash
chmod +x start.sh
```
4. Download the eLabFTW logo for the package icon:
```bash
curl -o logo.png https://raw.githubusercontent.com/elabftw/elabftw/master/src/ts/img/logo.png
```
5. Build the package:
```bash
cloudron build
```
## Testing the Package
1. Install the package on your Cloudron for testing:
```bash
cloudron install —location elabftw.example.com
```
2. After installation, visit the application URL and complete the initial setup:
- Create the Sysadmin account
- Configure your teams and user groups
- Set up any initial templates or protocols
3. Test the following functionality:
- User authentication (local accounts)
- File uploads (should be stored in /app/data/uploads)
- Database connection (should be using Cloudron MySQL)
- LDAP authentication (if enabled)
- General application functionality
## Deploying to Production
1. Once testing is complete, you can deploy to production:
```bash
cloudron install —location elabftw.yourdomain.com
```
2. For production use, consider:
- Setting up regular backups of the Cloudron app
- Configuring LDAP authentication if needed (via Cloudron UI)
- Adjusting memory limits in CloudronManifest.json if necessary based on usage
## Post-Installation
After installation, youll need to:
1. Create a Sysadmin account when first accessing the application
2. Configure teams and user groups
3. Set up experiment templates and protocols as needed
4. Consider enabling and configuring LDAP authentication for easier user management
## Troubleshooting
- Check logs with `cloudron logs -f elabftw`
- If database issues occur, verify the MySQL addon is properly configured
- For file storage issues, check permissions on /app/data directories
- For authentication issues, verify LDAP configuration (if using LDAP)
## Updates
When a new version of eLabFTW is released:
1. Update the git clone command in the Dockerfile to point to the latest release (or specific tag)
2. Rebuild and update your package:
```bash
cloudron build
cloudron update —app elabftw.yourdomain.com
```
## Customization
You can customize the package by:
1. Modifying the config.yml template in /tmp/data/config to set default values
2. Adjusting PHP settings in the Dockerfile or php.ini
3. Modifying NGINX configuration for special requirements
4. Adjusting memory limits in CloudronManifest.json based on usage patterns

38
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/nginx.conf Normal file
View File

@@ -0,0 +1,38 @@
server {
listen 8000;
server_name _;
root /app/code/web;
index index.php;
client_max_body_size 100M;
access_log /dev/stdout;
error_log /dev/stderr;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/run/php/php-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS on;
# Forward Cloudron proxy headers
fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for;
fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
fastcgi_param HTTP_X_FORWARDED_HOST $http_x_forwarded_host;
}
# Deny access to other PHP files
location ~ \.php$ {
return 404;
}
# Rewrite app routes
location @rewriteapp {
rewrite ^(.*)$ /index.php/$1 last;
}
}

53
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,53 @@
#!/bin/bash
set -e
# Create directory structure if it doesn't exist
if [ ! -d /app/data/uploads ]; then
mkdir -p /app/data/uploads
cp -r /tmp/data/uploads/* /app/data/uploads/ 2>/dev/null || true
chown -R cloudron:cloudron /app/data/uploads
fi
if [ ! -d /app/data/logs ]; then
mkdir -p /app/data/logs
cp -r /tmp/data/logs/* /app/data/logs/ 2>/dev/null || true
chown -R cloudron:cloudron /app/data/logs
fi
if [ ! -f /app/data/config/config.yml ]; then
mkdir -p /app/data/config
cp -r /tmp/data/config/* /app/data/config/ 2>/dev/null || true
# Configure database connection
sed -i "s/host: .*/host: ${CLOUDRON_MYSQL_HOST}/" /app/data/config/config.yml
sed -i "s/port: .*/port: ${CLOUDRON_MYSQL_PORT}/" /app/data/config/config.yml
sed -i "s/database: .*/database: ${CLOUDRON_MYSQL_DATABASE}/" /app/data/config/config.yml
sed -i "s/username: .*/username: ${CLOUDRON_MYSQL_USERNAME}/" /app/data/config/config.yml
sed -i "s/password: .*/password: ${CLOUDRON_MYSQL_PASSWORD}/" /app/data/config/config.yml
# Configure paths
sed -i "s|uploads: .*|uploads: /app/data/uploads|" /app/data/config/config.yml
sed -i "s|logs: .*|logs: /app/data/logs|" /app/data/config/config.yml
# Configure LDAP if enabled
if [ "${CLOUDRON_LDAP_ENABLED}" == "true" ]; then
# Update LDAP settings in config
sed -i "s/ldap_enabled: .*/ldap_enabled: true/" /app/data/config/config.yml
sed -i "s/ldap_host: .*/ldap_host: ${CLOUDRON_LDAP_SERVER}/" /app/data/config/config.yml
sed -i "s/ldap_port: .*/ldap_port: ${CLOUDRON_LDAP_PORT}/" /app/data/config/config.yml
sed -i "s/ldap_username: .*/ldap_username: ${CLOUDRON_LDAP_BIND_DN}/" /app/data/config/config.yml
sed -i "s/ldap_password: .*/ldap_password: ${CLOUDRON_LDAP_BIND_PASSWORD}/" /app/data/config/config.yml
sed -i "s/ldap_base_dn: .*/ldap_base_dn: ${CLOUDRON_LDAP_USERS_BASE_DN}/" /app/data/config/config.yml
fi
chown -R cloudron:cloudron /app/data/config
fi
# Create a symlink to the config file
ln -sf /app/data/config/config.yml /app/code/config.yml
# Set proper permissions
chown -R cloudron:cloudron /app/data
# Start the supervisord
exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf

24
tsys-cloudron/elabftw.knownelement.com/CloudronPackage/supervisord.conf Normal file
View File

@@ -0,0 +1,24 @@
[supervisord]
nodaemon=true
logfile=/dev/stdout
logfile_maxbytes=0
[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
priority=10
[program:php-fpm]
command=/usr/sbin/php-fpm8.1 -F
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
priority=5

3
tsys-cloudron/elabftw.knownelement.com/elabftw-info.md Normal file
View File

@@ -0,0 +1,3 @@
# ElabFTW
- https://projects.knownelement.com/issues/188

3
tsys-cloudron/errortrack.knownelement.com/errortrack-info,md Normal file
View File

@@ -0,0 +1,3 @@
# Errortrack
- https://projects.knownelement.com/issues/220

3
tsys-cloudron/etl.knownelement.com/info-etl.md Normal file
View File

@@ -0,0 +1,3 @@
# ETL
- https://projects.knownelement.com/issues/301

3
tsys-cloudron/functions.knownelement.com/functions-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Functions
- https://projects.knownelement.com/issues/232

3
tsys-cloudron/fuzz.knownelement.com/fuzz-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Fuzz
- https://projects.knownelement.com/issues/281

44
tsys-cloudron/governance.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,44 @@
{
"id": "net.consuldemocracy.cloudron",
"title": "Consul Democracy",
"author": "Consul Democracy Community",
"description": "Open Government and E-Participation Web Software",
"tagline": "The most comprehensive citizen participation platform",
"version": "1.0.0",
"healthCheckPath": "/",
"httpPort": 8000,
"addons": {
"localstorage": {},
"postgresql": {
"version": "14"
},
"ldap": {},
"sendmail": {}
},
"manifestVersion": 2,
"website": "https://consuldemocracy.org",
"contactEmail": "info@consuldemocracy.org",
"icon": "file://logo.png",
"tags": [
"democracy",
"participation",
"open-government",
"rails"
],
"dockerImage": "{origin}/consuldemocracy",
"memoryLimit": 1024,
"documentationUrl": "https://docs.consuldemocracy.org/",
"forumUrl": "https://github.com/consuldemocracy/consuldemocracy/discussions",
"minBoxVersion": "7.0.0",
"mediaLinks": [],
"changelog": "Initial version",
"postInstallMessage": "Consul Democracy has been successfully installed! The default administrator credentials are:\n\nUsername: admin@example.org\nPassword: password\n\nPlease login and change these immediately.",
"configurePath": "/admin",
"backup": {
"backupScriptPath": "/app/code/backup.sh"
},
"sso": {
"loginPath": "/users/sign_in",
"callbackPath": "/oauth/callback"
}
}

114
tsys-cloudron/governance.knownelement.com/CloudronPackage/CounslDemocracyBulldNotes.md Normal file
View File

@@ -0,0 +1,114 @@
# Consul Democracy - Cloudron Build Notes
## Overview
Consul Democracy is an open-source citizen participation and open government platform, originally developed for the Madrid City government. This package enables easy deployment on the Cloudron platform with full integration of Cloudrons authentication, database, and email systems.
## Prerequisites
- A running Cloudron instance (version 7.0.0 or later)
- Basic familiarity with Cloudrons CLI for package development
- Git installed on your local machine
## Building the Package
1. Clone this repository:
```bash
git clone https://github.com/your-username/cloudron-consuldemocracy.git
cd cloudron-consuldemocracy
```
2. Install the Cloudron CLI if you havent already:
```bash
npm install -g cloudron
```
3. Login to your Cloudron:
```bash
cloudron login https://my.example.com
```
4. Build and install the package:
```bash
cloudron build
cloudron install —image consuldemocracy
```
## Configuration
### Post-Installation
After installation, the app will be available at your configured domain. The initial admin credentials are:
- Username: admin@example.org
- Password: password
**Important:** Change these credentials immediately after logging in.
### LDAP Integration
The package is configured to use Cloudrons LDAP server for authentication. Users who have access to the app through Cloudrons access control panel will be able to log in using their Cloudron credentials.
### OIDC Integration
For enhanced security, the package also supports Cloudrons OIDC provider. This is automatically configured during installation.
### Email Configuration
The package is configured to use Cloudrons SMTP server for sending emails. No additional configuration is needed.
## Customization
### Environment Variables
You can customize the app by setting environment variables in the Cloudron app configuration:
- `CONSUL_CUSTOM_LOGO`: URL to a custom logo
- `CONSUL_ORGANIZATION_NAME`: Name of your organization
- `CONSUL_THEME_COLOR`: Primary theme color (hex code)
### Filesystem Structure
- `/app/data/files`: Persistent storage for uploaded files
- `/app/data/images`: Persistent storage for uploaded images
- `/app/data/log`: Application logs
- `/app/data/tmp`: Temporary files
## Troubleshooting
### Common Issues
1. **Database Migration Errors**:
Check the app logs for specific error messages:
```bash
cloudron logs -f
```
2. **Authentication Issues**:
Ensure that the LDAP configuration is correct and that users have been granted access to the app in Cloudrons access control panel.
3. **Email Delivery Problems**:
Verify that the Cloudron mail addon is properly configured.
### Support
For issues specific to this package:
- Create an issue in the GitHub repository
- Contact the maintainer at: your-email@example.com
For issues with Consul Democracy itself:
- Visit the [Consul Democracy documentation](https://docs.consuldemocracy.org/)
- Check the [GitHub issues](https://github.com/consuldemocracy/consuldemocracy/issues)
## Updates and Maintenance
To update the app:
1. Pull the latest changes from the repository
2. Rebuild the package:
```bash
cloudron build
cloudron update —app consuldemocracy
```
Regular database backups are automatically handled by Cloudrons backup system.

93
tsys-cloudron/governance.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,93 @@
FROM cloudron/base:4.2.0
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
cmake \
pkg-config \
git \
curl \
ruby-full \
nodejs \
npm \
imagemagick \
libpq-dev \
libxml2-dev \
libxslt1-dev \
zlib1g-dev \
libyaml-dev \
libssl-dev \
libreadline-dev \
supervisor \
nginx \
&& rm -rf /var/lib/apt/lists/*
# Update npm and install yarn
RUN npm install -g yarn
# Set Ruby and NodeJS versions
ENV RUBY_VERSION=3.2.8
ENV NODE_VERSION=18.20.3
# Ensure correct nodejs version (Node.js is already installed in base image)
RUN n ${NODE_VERSION}
# Create app directory structure
RUN mkdir -p /app/code /app/data /tmp/data
# Clone the app
RUN git clone https://github.com/consuldemocracy/consuldemocracy.git /app/code
WORKDIR /app/code
# Install bundler
RUN gem install bundler
# Install gems
RUN bundle install --deployment --without development test
# Install JavaScript dependencies
RUN yarn install
# Precompile assets
RUN SECRET_KEY_BASE=precompilation_key RAILS_ENV=production bundle exec rake assets:precompile
# Configure Nginx
RUN rm -f /etc/nginx/sites-enabled/default
COPY nginx.conf /etc/nginx/sites-enabled/consuldemocracy.conf
# Configure Supervisor
COPY supervisord.conf /etc/supervisor/conf.d/consuldemocracy.conf
# Add initialization script for /app/data
COPY init-data.sh /app/code/
RUN chmod +x /app/code/init-data.sh
# Copy backup script
COPY backup.sh /app/code/
RUN chmod +x /app/code/backup.sh
# Copy database configuration
COPY database.yml /app/code/config/database.yml
# Copy secrets configuration template
COPY secrets.yml /app/code/config/secrets.yml
# Add LDAP configuration
COPY ldap.yml /app/code/config/ldap.yml
# Copy oauth integration config
COPY oauth.rb /app/code/config/initializers/oauth.rb
# Copy the startup script
COPY start.sh /app/code/
RUN chmod +x /app/code/start.sh
# Set appropriate permissions
RUN chown -R cloudron:cloudron /app/code
# Configure app for production
ENV RAILS_ENV=production
ENV RAILS_SERVE_STATIC_FILES=true
# Entrypoint
CMD ["/app/code/start.sh"]

23
tsys-cloudron/governance.knownelement.com/CloudronPackage/backup.sh Normal file
View File

@@ -0,0 +1,23 @@
#!/bin/bash
set -e
echo "Performing Consul Democracy backup..."
# The Cloudron backup system will automatically handle:
# 1. /app/data
# 2. PostgreSQL database
# We don't need any custom backup logic as Cloudron handles
# both the database and the data directory.
# In case of any application-specific backup needs:
# 1. Run any pre-backup tasks
cd /app/code
RAILS_ENV=production bundle exec rake tmp:clear
# 2. Ensure all user uploads are synced
sync
echo "Backup preparation complete"
exit 0

18
tsys-cloudron/governance.knownelement.com/CloudronPackage/database.yaml Normal file
View File

@@ -0,0 +1,18 @@
default: &default
adapter: postgresql
encoding: unicode
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
timeout: 5000
development:
<<: *default
database: consuldemocracy_development
test:
<<: *default
database: consuldemocracy_test
production:
<<: *default
url: <%= ENV['DATABASE_URL'] %>
pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 20 } %>

39
tsys-cloudron/governance.knownelement.com/CloudronPackage/int-data.sh Normal file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
set -e
echo "Initializing data directory..."
# Check if data directories exist, if not create them
mkdir -p /app/data/files
mkdir -p /app/data/images
mkdir -p /app/data/log
mkdir -p /app/data/tmp
# Generate a secret key base if it doesn't exist
if [ ! -f /app/data/secret_key_base ]; then
echo "Generating secret key base..."
openssl rand -hex 64 > /app/data/secret_key_base
chmod 600 /app/data/secret_key_base
fi
# Create symlinks from app to data directory
if [ ! -L /app/code/storage ]; then
ln -sf /app/data/files /app/code/storage
fi
if [ ! -L /app/code/public/uploads ]; then
ln -sf /app/data/images /app/code/public/uploads
fi
if [ ! -L /app/code/log ]; then
ln -sf /app/data/log /app/code/log
fi
if [ ! -L /app/code/tmp ]; then
ln -sf /app/data/tmp /app/code/tmp
fi
# Set proper permissions
chown -R cloudron:cloudron /app/data
echo "Data directory initialized."

15
tsys-cloudron/governance.knownelement.com/CloudronPackage/ldap.yaml Normal file
View File

@@ -0,0 +1,15 @@
production:
enabled: true
host: <%= ENV['LDAP_HOST'] %>
port: <%= ENV['LDAP_PORT'] %>
ssl: true
admin_user: <%= ENV['LDAP_ADMIN_USER'] %>
admin_password: <%= ENV['LDAP_ADMIN_PASSWORD'] %>
base: <%= ENV['LDAP_BASE'] %>
user_filter: "(uid=%{username})"
group_base: <%= ENV['CLOUDRON_LDAP_GROUPS_BASE_DN'] %>
required_groups:
- <%= ENV['CLOUDRON_LDAP_GROUPS_BASE_DN'] %>
attribute_mapping:
email: mail
name: displayName

47
tsys-cloudron/governance.knownelement.com/CloudronPackage/nginx.conf Normal file
View File

@@ -0,0 +1,47 @@
server {
listen 8000;
server_name _;
root /app/code/public;
client_max_body_size 100M;
# Handle asset requests
location ~ ^/(assets|packs)/ {
expires max;
add_header Cache-Control public;
}
# Proxy requests to the Rails application
location / {
try_files $uri @passenger;
}
location @passenger {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
# Forward the original request scheme (http or https)
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
# Needed for Cloudron authentication
proxy_set_header X-Cloudron-Proxy-Port 8000;
# Proxy to the Rails application served by Puma
proxy_pass http://unix:/run/consuldemocracy.sock;
proxy_redirect off;
}
# Error pages
error_page 500 502 503 504 /500.html;
error_page 404 /404.html;
error_page 422 /422.html;
# Logging
access_log /dev/stdout;
error_log /dev/stderr;
}

29
tsys-cloudron/governance.knownelement.com/CloudronPackage/oauth.rb Normal file
View File

@@ -0,0 +1,29 @@
# Configure OAuth integration with Cloudron
if ENV['CLOUDRON_OIDC_IDENTIFIER'] && Rails.env.production?
Rails.application.config.middleware.use OmniAuth::Builder do
provider :openid_connect, {
name: :cloudron,
scope: [:openid, :email, :profile],
response_type: :code,
uid_field: 'sub',
discovery: true,
client_options: {
identifier: ENV['CLOUDRON_OIDC_CLIENT_ID'],
secret: ENV['CLOUDRON_OIDC_CLIENT_SECRET'],
redirect_uri: "https://#{ENV['CLOUDRON_APP_DOMAIN']}/oauth/callback",
port: 443,
scheme: 'https',
host: "#{ENV['CLOUDRON_APP_DOMAIN']}",
discovery_document: ENV['CLOUDRON_OIDC_IDENTIFIER']
},
client_auth_method: 'secret_basic'
}
end
# Map additional user attributes from Cloudron OIDC
OmniAuth::Strategies::OAuth2.class_eval do
def callback_url
full_host + script_name + callback_path
end
end
end

21
tsys-cloudron/governance.knownelement.com/CloudronPackage/secrets.yaml Normal file
View File

@@ -0,0 +1,21 @@
default: &default
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
server_name: <%= ENV["CLOUDRON_APP_DOMAIN"] %>
smtp_settings:
address: <%= ENV["SMTP_ADDRESS"] %>
port: <%= ENV["SMTP_PORT"] %>
domain: <%= ENV["SMTP_DOMAIN"] %>
user_name: <%= ENV["SMTP_USER_NAME"] %>
password: <%= ENV["SMTP_PASSWORD"] %>
authentication: "login"
enable_starttls_auto: true
mailer_sender: <%= "noreply@#{ENV['CLOUDRON_APP_DOMAIN']}" %>
development:
<<: *default
test:
<<: *default
production:
<<: *default

45
tsys-cloudron/governance.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,45 @@
#!/bin/bash
set -e
echo "Starting Consul Democracy..."
# Initialize the data directory if it doesn't exist
/app/code/init-data.sh
cd /app/code
# Setup environment variables
export DATABASE_URL="postgresql://${CLOUDRON_POSTGRESQL_USERNAME}:${CLOUDRON_POSTGRESQL_PASSWORD}@${CLOUDRON_POSTGRESQL_HOST}:${CLOUDRON_POSTGRESQL_PORT}/${CLOUDRON_POSTGRESQL_DATABASE}"
export SECRET_KEY_BASE=$(cat /app/data/secret_key_base)
export RAILS_ENV=production
export RAILS_SERVE_STATIC_FILES=true
export RAILS_LOG_TO_STDOUT=true
# Configure email settings
export SMTP_ADDRESS=${CLOUDRON_MAIL_SMTP_SERVER}
export SMTP_PORT=${CLOUDRON_MAIL_SMTP_PORT}
export SMTP_DOMAIN=${CLOUDRON_APP_DOMAIN}
export SMTP_USER_NAME=${CLOUDRON_MAIL_SMTP_USERNAME}
export SMTP_PASSWORD=${CLOUDRON_MAIL_SMTP_PASSWORD}
# LDAP Setup for Cloudron integration
export LDAP_HOST=${CLOUDRON_LDAP_SERVER}
export LDAP_PORT=${CLOUDRON_LDAP_PORT}
export LDAP_ADMIN_USER=${CLOUDRON_LDAP_BIND_DN}
export LDAP_ADMIN_PASSWORD=${CLOUDRON_LDAP_BIND_PASSWORD}
export LDAP_BASE=${CLOUDRON_LDAP_USERS_BASE_DN}
# Run db migrations if needed
echo "Running database migrations..."
bundle exec rake db:migrate
# Seed the database if it's the first run
if [ ! -f /app/data/.initialized ]; then
echo "First run detected, seeding the database..."
bundle exec rake db:seed
touch /app/data/.initialized
fi
# Start the application server via supervisord
echo "Starting supervisord..."
exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

32
tsys-cloudron/governance.knownelement.com/CloudronPackage/supervisord.conf Normal file
View File

@@ -0,0 +1,32 @@
[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:rails]
directory=/app/code
command=bundle exec puma -e production -b unix:///run/consuldemocracy.sock
user=cloudron
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
environment=RAILS_ENV=production,RAILS_LOG_TO_STDOUT=true,RAILS_SERVE_STATIC_FILES=true
[program:sidekiq]
directory=/app/code
command=bundle exec sidekiq -e production
user=cloudron
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
environment=RAILS_ENV=production,RAILS_LOG_TO_STDOUT=true

3
tsys-cloudron/governance.knownelement.com/governance-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Governance
- https://projects.knownelement.com/issues/189

46
tsys-cloudron/grist.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,46 @@
{
"id": "com.getgrist.cloudron",
"title": "Grist",
"author": "Grist Labs",
"description": "A modern, open source spreadsheet that goes beyond the grid. Grist combines the flexibility of a spreadsheet with the robustness of a database to organize your data your way.",
"tagline": "Modern relational spreadsheet with Python formulas",
"version": "1.0.0",
"healthCheckPath": "/healthz",
"httpPort": 8080,
"addons": {
"localstorage": {},
"postgresql": {
"userName": "grist",
"databaseName": "grist"
}
},
"manifestVersion": 2,
"website": "https://www.getgrist.com/",
"documentationUrl": "https://support.getgrist.com/",
"contactEmail": "support@getgrist.com",
"icon": "file://logo.png",
"memoryLimit": 1024,
"tags": ["spreadsheet", "database", "python", "dashboard"],
"minBoxVersion": "7.0.0",
"installationNotes": {
"en": "The default administrator account is set to your Cloudron email. Access Grist at the configured subdomain."
},
"postInstallationNotes": {
"en": "Grist has been successfully installed. The administrator account is set to your Cloudron email. Sign in using your Cloudron account credentials."
},
"forumUrl": "https://community.getgrist.com/",
"mediaLinks": [
"https://www.getgrist.com/assets/images/grist-demo.png"
],
"authentication": {
"loginPath": "/auth/login",
"logoutPath": "/auth/logout",
"impl": "oauth",
"oauth": {
"clientId": "{{cloudronOAuthClientId}}",
"clientSecret": "{{cloudronOAuthClientSecret}}",
"callbackPath": "/oauth2/callback",
"scope": "profile email"
}
}
}

79
tsys-cloudron/grist.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,79 @@
FROM cloudron/base:4.2.0
# Add Cloudron specific environment
ENV CLOUDRON=1 \
HOME=/app/data \
LC_ALL=C.UTF-8 \
LANG=C.UTF-8 \
USER=cloudron \
PORT=8080 \
PYTHON_VERSION=3 \
PYTHON_VERSION_ON_CREATION=3 \
DEBUG=0
# Install required dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
wget \
gnupg \
supervisor \
python3 \
python3-pip \
python3-setuptools \
python3-wheel \
python3-venv \
build-essential \
pkg-config \
xvfb \
xauth \
libcairo2-dev \
libpango1.0-dev \
libglib2.0-dev \
nodejs \
npm \
git \
sqlite3 \
curl \
ca-certificates && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Create required directories
RUN mkdir -p /app/code /app/data /app/pkg /app/log && \
mkdir -p /app/data/docs
# Clone Grist
WORKDIR /app/pkg
RUN git clone --depth 1 https://github.com/gristlabs/grist-core.git && \
cd grist-core && \
npm install && \
npm run build && \
cd /app/pkg
# Set up supervisor config
COPY supervisor.conf /etc/supervisor/conf.d/grist.conf
COPY nginx.conf /app/pkg/nginx.conf
# Nginx site configuration
COPY nginx-app.conf /etc/nginx/sites-available/grist
RUN ln -sf /etc/nginx/sites-available/grist /etc/nginx/sites-enabled/grist && \
rm -f /etc/nginx/sites-enabled/default
# Add scripts
COPY start.sh /app/pkg/
RUN chmod +x /app/pkg/start.sh
# Set up initialization data
COPY --chown=cloudron:cloudron init_data/ /app/pkg/init_data/
# Set ownership
RUN chown -R cloudron:cloudron /app/code /app/data /app/pkg /app/log
# Set working directory
WORKDIR /app/pkg
# Run as cloudron user
USER cloudron
# Start application
CMD ["/app/pkg/start.sh"]

131
tsys-cloudron/grist.knownelement.com/CloudronPackage/GristBuildNotes.md Normal file
View File

@@ -0,0 +1,131 @@
# Grist Cloudron Package Build Notes
## Overview
This document provides instructions for building, testing, and deploying the Grist Cloudron package. Grist is a modern, open-source spreadsheet application with database capabilities, Python formulas, and collaborative features.
## Package Components
The package includes the following files:
1. `CloudronManifest.json` - Configuration file for Cloudron
2. `Dockerfile` - Instructions for building the Docker image
3. `start.sh` - Initialization and startup script
4. `supervisor.conf` - Process management configuration
5. `nginx-app.conf` - NGINX site configuration
6. `nginx.conf` - NGINX main configuration
7. `logo.png` - Grist logo for Cloudron (needs to be added)
## Prerequisites
- Cloudron server (v7.0.0 or newer)
- Docker installed on your build machine
- Cloudron CLI installed on your build machine
## Build Instructions
1. **Prepare the package directory**
Create a directory for your package and place all the files in it:
```bash
mkdir -p grist-cloudron
cd grist-cloudron
# Copy all files into this directory
```
2. **Add the Grist logo**
Download the Grist logo and save it as `logo.png` in the package directory:
```bash
curl -o logo.png https://raw.githubusercontent.com/gristlabs/grist-core/main/static/favicon.png
```
3. **Create an initialization data directory**
```bash
mkdir -p init_data
```
4. **Build the Docker image**
```bash
cloudron build
```
## Testing the Package
1. **Install the package on your Cloudron for testing**
```bash
cloudron install —image your-docker-image-name
```
2. **Verify the installation**
Once installed, navigate to the apps URL and verify that:
- The login page appears correctly
- You can log in using your Cloudron credentials
- You can create and edit documents
- Document imports and exports work properly
- Python formulas are functioning correctly
3. **Test authentication**
Verify that:
- Authentication with Cloudron accounts works
- User permissions are applied correctly
- Logging out works properly
## Common Issues and Troubleshooting
1. **Authentication Issues**
- Check that the OAuth configuration is correct in `CloudronManifest.json`
- Verify environment variables in `start.sh` related to OIDC
2. **Database Connection Problems**
- Verify PostgreSQL addon configuration
- Check logs for database connection errors
3. **Grist Not Starting**
- Check supervisord logs: `cloudron logs -f`
- Verify that the required directories exist and have proper permissions
4. **File Upload Issues**
- Verify the `client_max_body_size` setting in the NGINX configuration
## Deployment
1. **Prepare the package for production**
```bash
cloudron build
cloudron upload
```
2. **Install from the Cloudron App Store**
After submission and approval, users can install directly from the Cloudron App Store.
## Maintenance
1. **Updating Grist**
To update Grist to a newer version:
- Update the git clone command in the `Dockerfile`
- Update the version in `CloudronManifest.json`
- Rebuild and redeploy
2. **Backing Up**
Cloudron automatically backs up:
- The PostgreSQL database
- The `/app/data` directory containing all Grist documents
## Additional Resources
- [Grist Documentation](https://support.getgrist.com/)
- [Grist GitHub Repository](https://github.com/gristlabs/grist-core)
- [Cloudron Documentation](https://docs.cloudron.io/)
- [Grist Community Forum](https://community.getgrist.com/)

53
tsys-cloudron/grist.knownelement.com/CloudronPackage/nginx-app.conf Normal file
View File

@@ -0,0 +1,53 @@
server {
listen 8080;
server_name localhost;
# Set maximum upload size
client_max_body_size 300M;
# Add security headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Frame-Options SAMEORIGIN;
add_header Referrer-Policy strict-origin-when-cross-origin;
# Main location for Grist
location / {
proxy_pass http://127.0.0.1:8484;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_read_timeout 90;
proxy_buffering off;
}
# Health check endpoint
location = /healthz {
access_log off;
add_header Content-Type text/plain;
return 200 'OK';
}
# Static file caching
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
proxy_pass http://127.0.0.1:8484;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
expires 30d;
add_header Cache-Control "public, no-transform";
}
# Error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

43
tsys-cloudron/grist.knownelement.com/CloudronPackage/nginx.conf Normal file
View File

@@ -0,0 +1,43 @@
user cloudron;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# Logging Settings
access_log /dev/stdout;
error_log /dev/stderr;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
# Virtual Host Configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

63
tsys-cloudron/grist.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,63 @@
#!/bin/bash
set -e
# Cloudron environment variables
export GRIST_APP_ROOT="/app/pkg/grist-core"
export GRIST_DATA_DIR="/app/data/docs"
export GRIST_SESSION_SECRET="${CLOUDRON_SESSION_SECRET}"
export APP_HOME_URL="${CLOUDRON_APP_URL}"
export GRIST_DOMAIN="${CLOUDRON_APP_DOMAIN}"
export GRIST_SINGLE_ORG="cloudron"
export GRIST_HIDE_UI_ELEMENTS="billing"
export GRIST_MAX_UPLOAD_ATTACHMENT_MB=100
export GRIST_MAX_UPLOAD_IMPORT_MB=300
export GRIST_SANDBOX_FLAVOR="gvisor"
export GRIST_USER_ROOT="/app/data"
export GRIST_THROTTLE_CPU="true"
export GRIST_DEFAULT_EMAIL="${CLOUDRON_ADMIN_EMAIL}"
export GRIST_FORCE_LOGIN="true"
export GRIST_SUPPORT_ANON="false"
export COOKIE_MAX_AGE=2592000000 # 30 days in milliseconds
# Setup OpenID Connect for Cloudron authentication
export GRIST_OIDC_IDP_ISSUER="${CLOUDRON_APP_ORIGIN}"
export GRIST_OIDC_IDP_CLIENT_ID="${CLOUDRON_OAUTH_CLIENT_ID}"
export GRIST_OIDC_IDP_CLIENT_SECRET="${CLOUDRON_OAUTH_CLIENT_SECRET}"
export GRIST_OIDC_IDP_SCOPES="openid profile email"
export GRIST_OIDC_SP_HOST="${CLOUDRON_APP_URL}"
export GRIST_OIDC_SP_PROFILE_EMAIL_ATTR="email"
export GRIST_OIDC_SP_PROFILE_NAME_ATTR="name"
export GRIST_OIDC_IDP_ENABLED_PROTECTIONS="PKCE,STATE"
# Database configuration using Cloudron PostgreSQL addon
export TYPEORM_TYPE="postgres"
export TYPEORM_DATABASE="${CLOUDRON_POSTGRESQL_DATABASE}"
export TYPEORM_USERNAME="${CLOUDRON_POSTGRESQL_USERNAME}"
export TYPEORM_PASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}"
export TYPEORM_HOST="${CLOUDRON_POSTGRESQL_HOST}"
export TYPEORM_PORT="${CLOUDRON_POSTGRESQL_PORT}"
export TYPEORM_LOGGING="false"
# Initialize or update data directories if they don't exist
if [ ! -d "/app/data/docs" ]; then
mkdir -p /app/data/docs
echo "Created docs directory"
fi
if [ ! -d "/app/data/home" ]; then
mkdir -p /app/data/home
echo "Created home directory"
fi
# Copy initialization data if needed
if [ -d "/app/pkg/init_data" ] && [ ! -f "/app/data/.initialized" ]; then
cp -R /app/pkg/init_data/* /app/data/
touch /app/data/.initialized
echo "Copied initialization data"
fi
# Ensure proper permissions
chown -R cloudron:cloudron /app/data
# Start supervisor to manage Grist and Nginx
exec /usr/bin/supervisord --nodaemon -c /etc/supervisor/supervisord.conf

32
tsys-cloudron/grist.knownelement.com/CloudronPackage/supervisor.conf Normal file
View File

@@ -0,0 +1,32 @@
[supervisord]
nodaemon=true
logfile=/app/log/supervisord.log
logfile_maxbytes=10MB
logfile_backups=3
loglevel=info
pidfile=/run/supervisord.pid
user=cloudron
[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
priority=10
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
[program:grist]
command=bash -c "cd /app/pkg/grist-core && node sandbox/pyodide.js"
user=cloudron
environment=HOME=/app/data
directory=/app/pkg/grist-core
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
startretries=3
priority=20

3
tsys-cloudron/grist.knownelement.com/grist-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Grist
- https://projects.knownelement.com/issues/191

3
tsys-cloudron/healthcheck.knownelement.com/healthcheck-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Healthcheck
- https://projects.knownelement.com/issues/192

3
tsys-cloudron/huginn.knownelement.com/huginn-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Huginn
- https://projects.knownelement.com/issues/194

24
tsys-cloudron/inventree.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,24 @@
{
"id": "org.inventree.cloudronapp",
"title": "InvenTree",
"author": "Your Name",
"description": "InvenTree is an open-source inventory management system which provides intuitive parts management and stock control.",
"tagline": "Open Source Inventory Management System",
"version": "1.0.0",
"healthCheckPath": "/",
"httpPort": 8000,
"manifestVersion": 2,
"website": "https://inventree.org",
"contactEmail": "your.email@example.com",
"icon": "logo.png",
"documentationUrl": "https://docs.inventree.org",
"memoryLimit": 1024000000,
"configurePath": "/admin",
"minBoxVersion": "7.0.0",
"changelog": "Initial version",
"addons": {
"localstorage": {},
"postgresql": {}
},
"postInstallMessage": "InvenTree has been installed. The default admin credentials are:\n\nUsername: admin\nPassword: admin\n\nPlease change the admin password after your first login."
}

74
tsys-cloudron/inventree.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,74 @@
FROM cloudron/base:4.2.0
# Set environment variables
ENV PYTHONUNBUFFERED=1 \
DEBIAN_FRONTEND=noninteractive \
INVENTREE_HOME=/app/data \
INVENTREE_MEDIA_ROOT=/app/data/media \
INVENTREE_STATIC_ROOT=/app/data/static \
INVENTREE_SECRET_KEY_FILE=/app/data/secret_key.txt \
INVENTREE_PLUGINS_ENABLED=true \
INVENTREE_PLUGINS_DIR=/app/data/plugins \
INVENTREE_ADMIN_USER=admin \
INVENTREE_ADMIN_PASSWORD=admin \
INVENTREE_ADMIN_EMAIL=admin@example.com
# Install required packages
RUN apt-get update && apt-get install -y \
python3 \
python3-pip \
python3-dev \
python3-venv \
build-essential \
libpq-dev \
git \
nginx \
supervisor \
&& rm -rf /var/lib/apt/lists/*
# Setup nginx for Cloudron
RUN rm /etc/nginx/sites-enabled/* \
&& sed -e 's,^ErrorLog.*,ErrorLog "/dev/stderr",' -i /etc/nginx/nginx.conf \
&& echo "daemon off;" >> /etc/nginx/nginx.conf
# Create InvenTree directories
RUN mkdir -p /app/code \
&& mkdir -p /tmp/data/media \
&& mkdir -p /tmp/data/static \
&& mkdir -p /tmp/data/plugins \
&& mkdir -p /tmp/data/env \
&& mkdir -p /tmp/data/config
# Create Python virtual environment
RUN python3 -m venv /app/code/env
# Clone InvenTree source code
RUN git clone --depth 1 https://github.com/inventree/InvenTree.git /app/code/inventree
# Install InvenTree requirements
WORKDIR /app/code/inventree
RUN /app/code/env/bin/pip install --upgrade pip \
&& /app/code/env/bin/pip install wheel \
&& /app/code/env/bin/pip install --no-cache-dir -r requirements.txt \
&& /app/code/env/bin/pip install psycopg2 gunicorn
# Create default configuration files
COPY config.yaml /tmp/data/config/config.yaml
COPY nginx.conf /etc/nginx/sites-available/inventree
RUN ln -s /etc/nginx/sites-available/inventree /etc/nginx/sites-enabled/
# Copy supervisor configuration
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Add startup script
COPY start.sh /app/code/start.sh
RUN chmod +x /app/code/start.sh
# Setup NGINX runtime directory
RUN mkdir -p /run/nginx \
&& chown -R cloudron:cloudron /run/nginx
# Expose port
EXPOSE 8000
CMD ["/app/code/start.sh"]

74
tsys-cloudron/inventree.knownelement.com/CloudronPackage/InventreeBuildNotes.txt Normal file
View File

@@ -0,0 +1,74 @@
# InvenTree Cloudron Build Notes
## Package Contents
- CloudronManifest.json - App metadata and resource configuration
- Dockerfile - Container build instructions
- start.sh - App initialization and startup script
- config.yaml - InvenTree configuration template
- nginx.conf - Web server configuration
- supervisord.conf - Process management configuration
## Build & Deploy Steps
### 1. Prepare Local Directory
```bash
mkdir -p inventree-cloudron
cd inventree-cloudron
# Copy all files into this directory
```
### 2. Build & Push to Gitea Registry
```bash
# Login to your Gitea Docker registry
docker login gitea.yourdomain.com
# Build the Docker image
docker build -t gitea.yourdomain.com/yourusername/inventree:1.0.0 .
# Push the image to your registry
docker push gitea.yourdomain.com/yourusername/inventree:1.0.0
```
### 3. Install on Cloudron
```bash
# Login to your Cloudron
cloudron login my.cloudron.example
# Install the app
cloudron install --image gitea.yourdomain.com/yourusername/inventree:1.0.0
```
### 4. Update Process
```bash
# Build with new version tag
docker build -t gitea.yourdomain.com/yourusername/inventree:1.0.1 .
docker push gitea.yourdomain.com/yourusername/inventree:1.0.1
# Update existing installation
cloudron update --app inventree.my.cloudron.example --image gitea.yourdomain.com/yourusername/inventree:1.0.1
```
## Troubleshooting
### Database Issues
If database migrations fail:
```bash
cloudron exec --app inventree.my.cloudron.example -- /app/code/env/bin/python /app/code/inventree/manage.py migrate
```
### Inspect Logs
```bash
cloudron logs --app inventree.my.cloudron.example
```
### Debug Mode
```bash
cloudron debug --app inventree.my.cloudron.example
```
## Initial Access
After installation, access InvenTree at your configured domain with:
- Username: admin
- Password: admin
**Important**: Change this password immediately after first login!

49
tsys-cloudron/inventree.knownelement.com/CloudronPackage/config.yaml Normal file
View File

@@ -0,0 +1,49 @@
# InvenTree configuration file for Cloudron
# Refer to InvenTree documentation for detailed configuration options
# Database connection settings will be provided via environment variables
# General settings
debug: False
log_level: WARNING
# Secret key will be stored in a file
secret_key_file: /app/data/secret_key.txt
# Plugin settings
plugins:
enabled: True
plugin_dir: /app/data/plugins
# File storage locations
media_root: /app/data/media
static_root: /app/data/static
# Email settings - adjust with your Cloudron email settings if needed
email:
host: localhost
port: 25
tls: false
ssl: false
sender: inventree@localhost
# Login settings
login:
default_protocol: https
allow_unverified_signup: False
allow_signup: True
signup_email_verification: False
login_confirm_days: 3
password_reset_timeout_days: 3
# Display settings
customization:
instance_name: InvenTree
default_currency: USD
base_url: "" # Will be set by environment variable in start.sh
# Server settings
server:
workers: 2
allowed_hosts:
- '*' # Cloudron handles this

35
tsys-cloudron/inventree.knownelement.com/CloudronPackage/nginx.conf Normal file
View File

@@ -0,0 +1,35 @@
server {
listen 8000; # This should match the httpPort in CloudronManifest.json
client_max_body_size 100M;
access_log /dev/stdout;
error_log /dev/stderr;
# Serve static files
location /static/ {
alias /app/data/static/;
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Serve media files
location /media/ {
alias /app/data/media/;
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Proxy requests to gunicorn
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_buffering off;
}
}

72
tsys-cloudron/inventree.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,72 @@
#!/bin/bash
set -e
# PostgreSQL configuration from Cloudron environment variables
if [ -n "${CLOUDRON_POSTGRESQL_HOST}" ]; then
export INVENTREE_DB_ENGINE="postgresql"
export INVENTREE_DB_NAME="${CLOUDRON_POSTGRESQL_DATABASE}"
export INVENTREE_DB_USER="${CLOUDRON_POSTGRESQL_USERNAME}"
export INVENTREE_DB_PASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}"
export INVENTREE_DB_HOST="${CLOUDRON_POSTGRESQL_HOST}"
export INVENTREE_DB_PORT="${CLOUDRON_POSTGRESQL_PORT}"
else
echo "PostgreSQL addon not configured!"
exit 1
fi
# Ensure data directories exist
if [ ! -d "${INVENTREE_HOME}/media" ]; then
echo "Creating media directory..."
mkdir -p "${INVENTREE_HOME}/media"
cp -rn /tmp/data/media/* "${INVENTREE_HOME}/media/" || true
fi
if [ ! -d "${INVENTREE_HOME}/static" ]; then
echo "Creating static directory..."
mkdir -p "${INVENTREE_HOME}/static"
cp -rn /tmp/data/static/* "${INVENTREE_HOME}/static/" || true
fi
if [ ! -d "${INVENTREE_HOME}/plugins" ]; then
echo "Creating plugins directory..."
mkdir -p "${INVENTREE_HOME}/plugins"
cp -rn /tmp/data/plugins/* "${INVENTREE_HOME}/plugins/" || true
fi
if [ ! -d "${INVENTREE_HOME}/config" ]; then
echo "Creating config directory..."
mkdir -p "${INVENTREE_HOME}/config"
cp -rn /tmp/data/config/* "${INVENTREE_HOME}/config/" || true
fi
# Generate secret key if it doesn't exist
if [ ! -f "${INVENTREE_SECRET_KEY_FILE}" ]; then
echo "Generating secret key..."
python3 -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())" > "${INVENTREE_SECRET_KEY_FILE}"
fi
cd /app/code/inventree
# Set InvenTree base URL (from Cloudron environment)
export INVENTREE_BASE_URL="https://${CLOUDRON_APP_DOMAIN}"
# Apply database migrations and collect static files
echo "Applying database migrations..."
/app/code/env/bin/python manage.py migrate --noinput
echo "Collecting static files..."
/app/code/env/bin/python manage.py collectstatic --noinput
# Create superuser if not exists
echo "Checking for superuser..."
DJANGO_SUPERUSER_PASSWORD="${INVENTREE_ADMIN_PASSWORD}" \
/app/code/env/bin/python manage.py createsuperuser --noinput \
--username "${INVENTREE_ADMIN_USER}" \
--email "${INVENTREE_ADMIN_EMAIL}" || true
# Set proper permissions
chown -R cloudron:cloudron "${INVENTREE_HOME}"
# Start supervisor to manage processes
echo "Starting supervisor..."
exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

26
tsys-cloudron/inventree.knownelement.com/CloudronPackage/supervisord.conf Normal file
View File

@@ -0,0 +1,26 @@
[supervisord]
nodaemon=true
user=root
logfile=/dev/stdout
logfile_maxbytes=0
[program:gunicorn]
command=/app/code/env/bin/gunicorn InvenTree.wsgi --bind 127.0.0.1:8001 --workers 2 --timeout 60 --preload --forwarded-allow-ips='*'
directory=/app/code/inventree
user=cloudron
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
environment=PYTHONUNBUFFERED=1,INVENTREE_CONFIG_FILE=/app/data/config/config.yaml
[program:nginx]
command=/usr/sbin/nginx
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

3
tsys-cloudron/inventree.knownelement.com/inventree-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Inventree
- https://projects.knownelement.com/issues/173

3
tsys-cloudron/it-fleet.knownelement.com/it-fleet-info.md Normal file
View File

@@ -0,0 +1,3 @@
# IT-fleet
- https://projects.knownelement.com/issues/195

3
tsys-cloudron/jamovi.knownelement.com/jamovi-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Jamovi
- https://projects.knownelement.com/issues/196

40
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/CloudronManifest.json Normal file
View File

@@ -0,0 +1,40 @@
{
"id": "io.jenkins.cloudron",
"title": "Jenkins",
"author": "Cloudron Packager",
"description": "Jenkins is an open source automation server which enables developers to reliably build, test, and deploy their software.",
"tagline": "The leading open source automation server",
"version": "1.0.0",
"healthCheckPath": "/login",
"httpPort": 8080,
"manifestVersion": 2,
"website": "https://jenkins.io/",
"contactEmail": "support@cloudron.io",
"icon": "file://logo.png",
"dockerImage": "cloudron/jenkins",
"memoryLimit": 2048000000,
"addons": {
"localstorage": {
"title": "Jenkins Data"
}
},
"optionalAddons": {
"ldap": {
"title": "LDAP Integration",
"description": "Allow users to login with LDAP credentials"
},
"oauth": {
"title": "OAuth Integration",
"description": "Allow users to login with Cloudron credentials"
}
},
"tags": [
"ci",
"cd",
"devops",
"automation"
],
"postInstallMessage": "Jenkins is now installed. The initial admin password is shown in the logs. You can view it by running 'cloudron logs -f'. The password is displayed after 'Jenkins initial setup is required.' in the logs.",
"minBoxVersion": "5.4.0",
"documentationUrl": "https://jenkins.io/doc/"
}

49
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/Dockerfile Normal file
View File

@@ -0,0 +1,49 @@
FROM cloudron/base:4.2.0
# Add Jenkins repository key and repository
RUN apt-get update && \
apt-get install -y gnupg curl software-properties-common && \
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | gpg --dearmor -o /usr/share/keyrings/jenkins-keyring.gpg && \
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.gpg] https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list
# Install Jenkins and required dependencies
RUN apt-get update && \
apt-get install -y openjdk-17-jdk jenkins fontconfig && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Install required plugins for Cloudron integration
RUN mkdir -p /tmp/data/plugins && \
cd /tmp/data/plugins && \
curl -L -o ldap.hpi https://updates.jenkins.io/latest/ldap.hpi && \
curl -L -o oic-auth.hpi https://updates.jenkins.io/latest/oic-auth.hpi && \
curl -L -o configuration-as-code.hpi https://updates.jenkins.io/latest/configuration-as-code.hpi && \
curl -L -o credentials.hpi https://updates.jenkins.io/latest/credentials.hpi && \
chmod 644 *.hpi
# Create template for casc.yaml
RUN mkdir -p /tmp/data/casc_configs
COPY casc_templates/ /tmp/data/casc_configs/
# Set up directory structure for Cloudron
RUN mkdir -p /app/data && \
mkdir -p /tmp/data/jenkins_home
# Copy startup script
COPY start.sh /app/code/
RUN chmod +x /app/code/start.sh
# Copy NGINX configuration
COPY nginx.conf /app/code/
# Copy supervisor configuration
COPY supervisor.conf /etc/supervisor/conf.d/
# Use the cloudron user for Jenkins
RUN usermod -a -G jenkins cloudron && \
chown -R cloudron:cloudron /tmp/data
WORKDIR /app/data
# Entry point
CMD ["/app/code/start.sh"]

97
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/JenkinsBulldNotes.md Normal file
View File

@@ -0,0 +1,97 @@
# Jenkins for Cloudron - Build Notes
This document provides instructions for building, testing, and deploying the Jenkins package to Cloudron.
## Prerequisites
- Cloudron server (version 5.4.0 or higher)
- Docker installed on your build machine
- Cloudron CLI tool installed (`npm install -g cloudron`)
## File Structure
```
jenkins-cloudron/
├── CloudronManifest.json # Package definition
├── Dockerfile # Docker image build instructions
├── start.sh # Initialization script
├── nginx.conf # NGINX configuration
├── supervisor.conf # Supervisor configuration for process management
├── logo.png # App icon (128x128 PNG)
├── casc_templates/ # Jenkins Configuration as Code templates
│ ├── default.yaml # Default authentication config
│ ├── ldap.yaml # LDAP authentication config
│ └── oauth.yaml # OAuth/OIDC authentication config
```
## Building the Package
1. Create a directory for your package and place all files in the appropriate structure.
2. Download a Jenkins logo (128x128 PNG) and save it as `logo.png`
3. Build the Docker image:
```bash
cloudron build
```
4. Test the package locally:
```bash
cloudron install —image cloudron/jenkins
```
## Authentication Configuration
The package supports three authentication methods:
1. **Default (Local)**: Uses Jenkins built-in user database
2. **LDAP**: Uses Cloudrons LDAP server for authentication
3. **OAuth/OIDC**: Uses Cloudrons OAuth service for single sign-on
The authentication method is automatically configured based on the presence of environment variables provided by Cloudron.
## Testing
After installation, test the following:
1. **Basic functionality**:
- Access Jenkins through your Cloudron dashboard
- Verify the initial admin password works
- Create a simple pipeline job
2. **Authentication**:
- Test LDAP integration by enabling the LDAP addon
- Test OAuth/OIDC integration by enabling the OAuth addon
- Verify user permissions are correctly applied
3. **Persistence**:
- Install plugins through the Jenkins UI
- Restart the app to verify plugins persist
- Check that job configurations are maintained
## Troubleshooting
- **Jenkins doesnt start**: Check logs using `cloudron logs -f`
- **Authentication issues**: Verify the correct addons are enabled and configuration is applied
- **Permission problems**: Check the ownership and permissions of files in `/app/data`
## Updating Jenkins
When a new version of Jenkins is released, update the Dockerfile to pull the latest version and rebuild the package.
## Additional Notes
- The package uses Jenkins Configuration as Code (JCasC) to automate the setup process
- Jenkins runs as the `cloudron` user for proper permissions
- Files in `/app/data/jenkins_home` are persisted across restarts and updates
- Initial admin password is set to adminpass for local authentication
## Deployment to Cloudron App Store
If you wish to publish your app to the Cloudron App Store:
1. Update the CloudronManifest.json with your details
2. Test thoroughly on your own Cloudron instance
3. Follow the Cloudron App Publishing guidelines
Happy CI/CD with Jenkins on Cloudron!

26
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/default.yaml Normal file
View File

@@ -0,0 +1,26 @@
jenkins:
systemMessage: "Jenkins configured with local authentication"
securityRealm:
local:
allowsSignup: false
enableCaptcha: false
users:
- id: "admin"
password: "adminpass"
authorizationStrategy:
globalMatrix:
permissions:
- "Overall/Administer:admin"
- "Overall/Read:authenticated"
- "Job/Read:authenticated"
- "Job/Build:authenticated"
- "Job/Create:authenticated"
- "Job/Configure:authenticated"
- "View/Read:authenticated"
- "View/Create:authenticated"
- "View/Configure:authenticated"
unclassified:
location:
url: "${JENKINS_URL}"

32
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/ldap.yaml Normal file
View File

@@ -0,0 +1,32 @@
jenkins:
systemMessage: "Jenkins configured with Cloudron LDAP authentication"
securityRealm:
ldap:
configurations:
- server: "${CLOUDRON_LDAP_SERVER}"
rootDN: "${CLOUDRON_LDAP_USERS_BASE_DN}"
managerDN: "${CLOUDRON_LDAP_BIND_DN}"
managerPasswordSecret: "${CLOUDRON_LDAP_BIND_PASSWORD}"
userSearchBase: ""
userSearch: "uid={0}"
groupSearchBase: "${CLOUDRON_LDAP_GROUPS_BASE_DN}"
groupSearchFilter: "memberUid={0}"
displayNameAttributeName: "displayName"
mailAddressAttributeName: "mail"
authorizationStrategy:
globalMatrix:
permissions:
- "Overall/Administer:admin"
- "Overall/Read:authenticated"
- "Job/Read:authenticated"
- "Job/Build:authenticated"
- "Job/Create:authenticated"
- "Job/Configure:authenticated"
- "View/Read:authenticated"
- "View/Create:authenticated"
- "View/Configure:authenticated"
unclassified:
location:
url: "${JENKINS_URL}"

35
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/oauth.yaml Normal file
View File

@@ -0,0 +1,35 @@
jenkins:
systemMessage: "Jenkins configured with Cloudron OpenID Connect authentication"
securityRealm:
oic:
clientId: "${CLOUDRON_OAUTH_CLIENT_ID}"
clientSecret: "${CLOUDRON_OAUTH_CLIENT_SECRET}"
wellKnownOpenIDConfigurationUrl: "${CLOUDRON_OAUTH_ORIGIN}/.well-known/openid-configuration"
userNameField: "preferred_username"
tokenAuthMethod: "client_secret_basic"
scopes: "openid email profile groups"
fullNameFieldName: "name"
emailFieldName: "email"
groupsFieldName: "groups"
pkceEnabled: true
escapeHatchEnabled: true
escapeHatchUsername: "admin"
escapeHatchSecret: "adminpass"
escapeHatchGroup: "admin"
authorizationStrategy:
globalMatrix:
permissions:
- "Overall/Administer:admin"
- "Overall/Read:authenticated"
- "Job/Read:authenticated"
- "Job/Build:authenticated"
- "Job/Create:authenticated"
- "Job/Configure:authenticated"
- "View/Read:authenticated"
- "View/Create:authenticated"
- "View/Configure:authenticated"
unclassified:
location:
url: "${JENKINS_URL}"

55
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/nginx.conf Normal file
View File

@@ -0,0 +1,55 @@
worker_processes 1;
error_log stderr;
pid /run/nginx.pid;
daemon off;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Disable access logs to stdout - Cloudron handles these
access_log off;
server {
listen 8000;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Required for Jenkins websocket connections
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 $scheme://$host;
# Fix potential security issues
proxy_cookie_path / "/; HTTPOnly; Secure";
}
# Special config for OIDC callback
location /securityRealm/finishLogin {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}

50
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/start.sh Normal file
View File

@@ -0,0 +1,50 @@
#!/bin/bash
set -e
# Jenkins home directory
JENKINS_HOME=/app/data/jenkins_home
# Create necessary directories if they don't exist
if [[ ! -d "${JENKINS_HOME}" ]]; then
echo "Initializing Jenkins home directory"
mkdir -p "${JENKINS_HOME}"
cp -r /tmp/data/jenkins_home/* "${JENKINS_HOME}/" || true
# Copy plugins
mkdir -p "${JENKINS_HOME}/plugins"
cp -r /tmp/data/plugins/* "${JENKINS_HOME}/plugins/" || true
# Create directory for JCasC
mkdir -p "${JENKINS_HOME}/casc_configs"
fi
# Apply proper permissions
chown -R cloudron:cloudron "${JENKINS_HOME}"
# Set up Jenkins environment variables
export JENKINS_HOME
export JENKINS_OPTS="--httpPort=8080"
# Disable setup wizard
export JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
# Setup JCasC configuration based on environment
if [[ -n "${CLOUDRON_OAUTH_CLIENT_ID}" ]]; then
echo "Setting up OAuth authentication"
envsubst < /tmp/data/casc_configs/oauth.yaml > "${JENKINS_HOME}/casc_configs/oauth.yaml"
export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/oauth.yaml"
elif [[ -n "${CLOUDRON_LDAP_SERVER}" ]]; then
echo "Setting up LDAP authentication"
envsubst < /tmp/data/casc_configs/ldap.yaml > "${JENKINS_HOME}/casc_configs/ldap.yaml"
export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/ldap.yaml"
else
echo "Using default authentication"
envsubst < /tmp/data/casc_configs/default.yaml > "${JENKINS_HOME}/casc_configs/default.yaml"
export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/default.yaml"
fi
# Configure Jenkins URL
JENKINS_URL="${CLOUDRON_APP_ORIGIN}"
echo "Setting Jenkins URL to ${JENKINS_URL}"
export JENKINS_URL
# Start supervisord, which will start NGINX and Jenkins
exec /usr/bin/supervisord --nodaemon -c /etc/supervisor/supervisord.conf

18
tsys-cloudron/jenkins.knownelement.com/CloudronPackage/supervisor.conf Normal file
View File

@@ -0,0 +1,18 @@
[program:nginx]
command=nginx -c /app/code/nginx.conf
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=true
[program:jenkins]
command=java -Djava.awt.headless=true -Djenkins.model.Jenkins.slaveAgentPort=50000 -Dhudson.model.UsageStatistics.disabled=true %(ENV_JAVA_OPTS)s -jar /usr/share/java/jenkins.war --httpPort=8080 --webroot=/var/cache/jenkins/war %(ENV_JENKINS_OPTS)s
directory=/app/data/jenkins_home
user=cloudron
environment=HOME="/app/data/jenkins_home",USER="cloudron"
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=true

3
tsys-cloudron/jenkins.knownelement.com/jenkins-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Jenkins
- https://projects.knownelement.com/issues/234

3
tsys-cloudron/kicad-ci.knownelement.com/kicad-ci-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Kicad CI
- https://projects.knownelement.com/issues/197

3
tsys-cloudron/langfuse.knownelement.com/langfuse-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Langfuse
- https://projects.knownelement.com/issues/198

3
tsys-cloudron/lists.knownelement.com/lists-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Lists
- https://projects.knownelement.com/issues/199

3
tsys-cloudron/llmops.knownelement.com/llm-ops-info.md Normal file
View File

@@ -0,0 +1,3 @@
# llm-ops
- https://projects.knownelement.com/issues/304

3
tsys-cloudron/logportal.knownelement.com/logportal-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Graylog
- https://projects.knownelement.com/issues/190

3
tsys-cloudron/maker.knownelement.com/maker-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Maker
- https://projects.knownelement.com/issues/282

3
tsys-cloudron/mlops.knownelement.com/mlops-info.md Normal file
View File

@@ -0,0 +1,3 @@
# MLOPS
- https://projects.knownelement.com/issues/305

3
tsys-cloudron/netbox.knownelement.com/netbox-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Netbox
- https://projects.knownelement.com/issues/201

3
tsys-cloudron/netdata.knownelement.com/netdata-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Netdata
- https://projects.knownelement.com/issues/202

3
tsys-cloudron/netmon.knownelement.com/netmon-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Netmon
- https://projects.knownelement.com/issues/203

3
tsys-cloudron/oncall.knownelement.com/oncall-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Oncall
- https://projects.knownelement.com/issues/204

3
tsys-cloudron/onedev.knownelement.com/onedev-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Onedev
- https://projects.knownelement.com/issues/306

3
tsys-cloudron/openblocks.knownelement.com/openblocks-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Openblocks
- https://projects.knownelement.com/issues/274

3
tsys-cloudron/openboxes.knownelement.com/info-openboxes.md Normal file
View File

@@ -0,0 +1,3 @@
# Openboxes
- https://projects.knownelement.com/issues/205

3
tsys-cloudron/openvas.knownelement.com/openvas-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Openvas
- https://projects.knownelement.com/issues/207

3
tsys-cloudron/ota.knownelement.com/ota-info.md Normal file
View File

@@ -0,0 +1,3 @@
# OTA
- https://projects.knownelement.com/issues/300

3
tsys-cloudron/payroll-engine.knownelement.com/docker-compose.yml Normal file
View File

@@ -0,0 +1,3 @@
#cfssl docker compose for tsys
#git subtree add --prefix upstream/cloudflare-cfssl https://github.com/rjrivero/docker-cfssl.git master --squash

2
tsys-cloudron/payroll-engine.knownelement.com/input-files/info Normal file
View File

@@ -0,0 +1,2 @@
This directory contains template files for the application at FQDN indidicated by the parent directory. They will be processed using mo (bash mustache).

1
tsys-cloudron/payroll-engine.knownelement.com/output-files/info Normal file
View File

@@ -0,0 +1 @@
This directory contains final docker compose files for the application at FQDN indidicated by the parent directory.

3
tsys-cloudron/payroll-engine.knownelement.com/vendor-files/info Normal file
View File

@@ -0,0 +1,3 @@
This directory contains files from the vendor unmodified. They serve as a base for the input-files sibling directory
https://github.com/Payroll-Engine/PayrollEngine/wiki

3
tsys-cloudron/payroute.knownelement.com/payroute-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Payroute
- https://projects.knownelement.com/issues/209

3
tsys-cloudron/phishtest.knownelement.com/phishtest-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Phish Test
- https://projects.knownelement.com/issues/211

3
tsys-cloudron/phplist.knownelement.com/phplist-info.md Normal file
View File

@@ -0,0 +1,3 @@
# PHPList
- https://projects.knownelement.com/issues/303

3
tsys-cloudron/platform.hfnoc.net/platform-info.md Normal file
View File

@@ -0,0 +1,3 @@
# Platform
- https://projects.knownelement.com/issues/212

Some files were not shown because too many files have changed in this diff Show More